Credit card data breach costs CIOs big time despite hacker profit

Who profits from a credit card data breach? It doesn't matter. It will cost CIOs and their companies big time. Also in this week's Searchlight: Amazon smartphone announcement, Netflix plea to FCC and more.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

companies a lot of dollars and costing CIOs their jobs.

Look no further than those two massive payment card breach victims -- Target and Neiman Marcus. "The Target breach has already cost the CEO and CIO their jobs and the financial costs may reach as much as $18 billion once all is said and done," explains Wade Williamson, Shape Security senior threat researcher and Forbes contributor. In Neiman Marcus's case, Michael R. Kingston still stands strong in his CIO role, but the company developed a new-to-them new position in the C-suite: chief information security officer (CISO). Target has also hopped on the CISO bandwagon, appointing GM chief information security and IT risk officer Brad Maiorino as their first.

Aside from the C-suite shake-ups, the financial damage has been well-documented. Between card replacements, credit card monitoring for victims, lost business, declining stock prices, fines and lawsuits, it costs companies like Target and Neiman Marcus an average of $188 per compromised record, according to a Ponemon Institute study published in 2013.

Less known -- and possibly instructive for CIOs and CISOs -- is how this stolen data is monetized after the breach. In his piece in this week's Forbes, "The Underground Economy of Data Breaches," Williamson explains that unlike the financial toll on companies, which is exacted at the time of the breach, the profit to the hackers dwindles over time: it depends on how well they can navigate the nether regions of organized crime rings -- and how quickly they can monetize the stolen data. This sensitive information has a shelf life.

However -- and here is the scary part for CIOs and CISOs -- as breaches are publicized and the value to criminals sensationalized in the media, your everyday hacker is now convinced he or she can make a killing on this data, according to Williamson. "Unfortunately, more and more opportunistic criminals enter the market, card breaches could begin to look less like an Ocean’s 11 style of heist and more like opportunistic vandals who are willing to burn down your home in order to steal the copper plumbing inside."

Burn down your house for the copper plumbing inside! It's an interesting read and, yes, it comes with a moral for CIOs.No matter how little a hapless hacker profits from the breach of your systems, it will cost your company big time. Next week on CIO, you'll be hearing more about how to protect against a data breach in the Internet of Things era. Meanwhile, an observation: Design your systems for an attack, because your systems will be breached.

Big news on the consumer side of things: Amazon has introduced its long-awaited Fire phone. The new device features audio- and image-recognition for Amazon's online store, 3-D viewing, unlimited storage for photos and a year of free membership to its Prime fast-shipping program. Plus, interesting design crimes. Will Fire be in your back pocket?

In net neutrality news, the debate over the FCC's new proposal to dissolve current Internet rules continues, but an interesting new spin emerges. Netflix is asking the FCC to intervene in its dealings with ISPs like Comcast and Verizon, claiming the ISPs were intentionally letting their connections deteriorate to force Netflix to pay up for better service.

In lighter news -- well, sort of -- this robot might look friendly but it is programmed to do a serious job. Bob, a security robot developed by a team at the UK's University of Birmingham, scans surroundings using 3D sensors and logs whether anything has changed since the last scan.

With the World Cup in full swing, many are celebrating -- or drowning sorrows -- with good ole fashioned alcohol. The Vessyl 'smart cup' from Mark One not only recognizes how many servings you've had, but can analyze alcohol content and tell you when it might be a good idea to stop drinking.

1 comment

Register

Login

Forgot your password?

Your password has been sent to:

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy